Secure, differentiated reading of sensors and rfid tags

ABSTRACT

Secure access to inventory data concerning a supplier&#39;s product located at a seller&#39;s premises is provided by tagging units of product with a supplier identifier and a product identifier. The identifiers may be embedded in RFID tags or EPC labels. A secure VPN tunnel is established between a supplier and a seller. The VPN tunnel is associated with a particular supplier identifier such that only inventory data associated with the supplier identifier that matches the supplier is transmitted on the VPN tunnel, and inventory data associated with supplier identifiers that do not match the supplier are filtered out. Hence, the seller can provide the supplier with access to inventory data without exposing sensitive information related to the seller and other suppliers.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 11/287,131 entitled SECURE, DIFFERENTIATED READING OF SENSORS AND TAGS, filed Jun. 14, 2011 which claims priority to U.S. Provisional Patent Application 60/630,411, filed Nov. 23, 2004, which is incorporated herein by reference.

FIELD OF THE INVENTION

This invention relates generally to the field of network communications, and more particularly to inventory management.

BACKGROUND OF THE INVENTION

Information Technology (“IT”) has enabled enterprises to more accurately monitor and control critical aspects of their business such as inventory. With accurate, timely inventory data an enterprise can order supplies and build products in a timely manner, thereby reducing the possibilities of running short of supplies or products, and storing more product than can be sold in a reasonably short amount of time. However, recent trends in business practices have made it more difficult for some enterprises to obtain accurate and timely inventory data.

It is now common for suppliers to large retailers to retain ownership of products up until the time of purchase. Further, the suppliers may be held responsible for maintaining a sufficient supply of product in the stores. Obtaining accurate and timely inventory data under such circumstances is difficult because, apart from manually monitoring the stores, the inventory data can only be obtained via the network of the retailer. Referring to FIG. 1, the retailer or supplier may tag products with Radio Frequency ID (“RFID”) tags (100) which are detectable by RFID readers (102) positioned in the store so that it becomes possible to automatically determine how many units (104) of a given product are on the store shelves. Data from all RFID readers in a store, and even from multiple stores, may be provided to the retailer's RFID Event Management System (106), and subsequently to a data center (108) via a Virtual Local Area Network (“VLAN”) on an Enterprise IP network (110). However, in order to prevent a given supplier, e.g., supplier (112), from obtaining sensitive data associated with the retailer or other suppliers (114, 116) it is necessary to limit the supplier's access to data in the data center (108). In particular, it is necessary for the retailer to determine which supplier provided the product for each supplier inquiry about a product in order to limit the access of supplier (112) access to only data associated with product provided by that supplier (112). This can be complicated and time consuming because associations between products and suppliers are manually entered by the retailer, e.g., via an RFID back office station (118), and a retailer may sell many different types of products, change product lines frequently, and obtain particular products from multiple suppliers. For these and other reasons suppliers would like to have technology that eliminates the need for them to maintain a large centralized database from their warehouse by shifting responsibility for data retrieval and retention to the individual suppliers.

SUMMARY OF THE INVENTION

In accordance with the invention, a method for providing a supplier with secure access to inventory data indicative of units of product at a seller's premises comprises the steps of: associating a product identifier with each unit of product; associating a supplier identifier with each unit of product; detecting, with a reader, the product identifier and supplier identifier associated with a unit of product, thereby producing inventory data; establishing a secure Virtual Private Network (“VPN”) tunnel between the supplier and the seller; steering inventory data associated with the supplier identifier that matches the supplier to the VPN tunnel; and filtering inventory data associated with supplier identifiers that do not match the supplier from the VPN tunnel.

In further accordance with the invention apparatus for providing a supplier with secure access to inventory data indicative of units of product at a seller's premises comprises: a machine-readable product identifier associated with each unit of product; a machine-readable supplier identifier associated with each unit of product; a reader operable to detect the product identifier and supplier identifier associated with a unit of product, thereby producing inventory data; a secure Virtual Private Network (“VPN”) tunnel established between the supplier and the seller; and at least one network device operable to steer inventory data associated with the supplier identifier that matches the supplier to the VPN tunnel and filter inventory data associated with supplier identifiers that do not match the supplier from the VPN tunnel.

The invention has advantages including providing the supplier with direct access to inventory data without exposing sensitive information related to the seller and other suppliers. Supplier access to inventory data is enhanced because associations between products and suppliers need not be manually entered. In particular, since each unit of product is tagged with a supplier identifier it is no longer necessary to refer to a database to determine which supplier provided a particular unit of product. Further, because a particular supplier's VPN tunnel is only permitted to carry inventory data associated with the supplier's identifier it is no longer necessary to refer to a table to determine whether a particular supplier is permitted to receive data concerning a particular unit of product.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a prior art network diagram illustrating inventory control.

FIG. 2 illustrates an embodiment of inventory control in accordance with the invention.

FIG. 3 illustrates the RFID tag in greater detail.

FIG. 4 illustrates the gateway of FIG. 2 in greater detail.

DETAILED DESCRIPTION

Referring to FIGS. 2 and 3, an enterprise such as a retailer has a network including a gateway (200), database (202), switches (204) and RFID readers (206). RFID tags (208) are affixed to units (104) of product by the enterprise or suppliers. The RFID readers are strategically positioned within stores in order to detect the RFID tags and thereby to determine the number of units of product present in the store. In particular, each RFID tag (208) includes product type identifier (300) which uniquely identifies the product in a manner similar to an Electronic Packaging Code (“EPC”). The readers are operable to scan for RFID tags either periodically or in response to a prompt, and to forward the resulting data to the gateway (200) via the Layer 2/3 switch (204).

In order to facilitate secure provision of inventory data to the suppliers, a binding is created between each unit (104) of product and a particular supplier, e.g., supplier (112). The binding is accomplished via the RFID tags (208). In particular, each RFID tag includes a unique supplier identifier (302) similar to an EPC. By including both a product ID (300) and supplier ID (302) in the RFID tag it becomes possible to differentiate between identical products provided by different suppliers. Further, as will be discussed below, it becomes possible to facilitate secure access to inventory data.

Referring now to FIGS. 2-4, the gateway (200) employs secure VLAN tunnels (210, 212, 214) and the supplier identifiers (302) to provide suppliers with accurate, timely inventory data while mitigating the need for manually associating particular products with particular suppliers. Each supplier is provided with a secure VLAN tunnel to the gateway via the Internet, e.g., supplier (112) has tunnel (210), supplier (114) has tunnel (212), and supplier (116) has tunnel (214). The supplier database (202) is employed to store these bindings between VLAN tunnels and supplier identifiers. The gateway (200) performs a filtering function such that only data regarding products having a particular supplier identifier in the RFID can be provided on a given VLAN tunnel, e.g., if the supplier ID (302) corresponds to supplier (112) then tunnels (212, 214) are only then permitted to transport that data. Further, the gateway performs a steering function such that a given VLAN tunnel is only permitted to receive data associated with a particular supplier identifier, e.g., if the supplier ID (302) corresponds to supplier (112) then the data is directed to tunnel (210). The supplier identifier to VLAN tunnel bindings in the database may be manually maintained. However, this maintenance is less complex and time-consuming than maintaining a database of bindings between suppliers and individual products because there are likely to be fewer entries, and those entries are less likely to change over time.

In an alternative embodiment the reader (206) determines the supplier ID from some other identifier. For example, if a particular product ID is only supplied by one supplier then the product ID itself is a supplier ID. The reader (206) may also be operable to mark packets with an appropriate supplier code, or even the appropriate VLAN identifier. Alternatively, data from an RFID tag is combined with data from an EPC label to provide inventory data. For example, the RFID tag might include the product ID, but not the supplier ID, while the EPC label includes an indication of the supplier ID, e.g., an index into an EPC manufacturer's code in database (202). In this scenario an inventory update could be created at the point of sale by sensing the RFID tag at the time the EPC label is scanned, performing an EPC lookup to identify the manufacturer, and then transporting the data on the VPN tunnel assigned to that EPC manufacturer's code.

In another alternative embodiment the reader or Layer 2/3 switch may implement filtering and steering. In particular, secure VPN tunnels may be created between the suppliers and each reader or Layer 2/3 switch. The VPN tunnels could be formed using IPSec or SSL protocols. Only one supplier is permitted to be associated with any given tunnel.

While the invention is described through the above exemplary embodiments, it will be understood by those of ordinary skill in the art that modification to and variation of the illustrated embodiments may be made without departing from the inventive concepts herein disclosed. Moreover, while the preferred embodiments are described in connection with various illustrative structures, one skilled in the art will recognize that the system may be embodied using a variety of specific structures. Accordingly, the invention should not be viewed as limited except by the scope and spirit of the appended claims. 

1. A method for providing a supplier with secure access to inventory data indicative of units of product at a seller's premises comprising the steps of: associating a product identifier with each unit of product; associating a supplier identifier with each unit of product; detecting, with a reader, the product identifier and supplier identifier associated with a unit of product, thereby producing inventory data; establishing a secure Virtual Private Network (“VPN”) tunnel between the supplier and the seller; steering inventory data associated with the supplier identifier that matches the supplier to the VPN tunnel; and filtering inventory data associated with supplier identifiers that do not match the supplier from the VPN tunnel.
 2. The method of claim 1 in which at least one of the product identifier and supplier identifier are represented in a Radio Frequency Identification (“RFID”) tag.
 3. The method of claim 1 in which at least one of the product identifier and supplier identifier are represented in an Electronic Packaging Code (“EPC”) label.
 4. The method of claim 1 in which the detecting step include the further step of determining the number of units of the product at the premises.
 5. The method of claim 1 in which the detecting step include the further step of determining that a unit of product has been removed from the premises.
 6. The method of claim 1 wherein the steering and filtering steps are executed by a gateway having access to a supplier database having indications of associations between suppliers and VPN tunnels.
 7. The method of claim 1 wherein the steering and filtering steps are executed by a reader, and including the further step of marking packets containing inventory data with a VPN tunnel identifier.
 8. The method of claim 1 wherein the VPN tunnel is established via IPSec.
 9. The method of claim 1 wherein the VPN tunnel is established via SSL.
 10. Apparatus for providing a supplier with secure access to inventory data indicative of units of product at a seller's premises comprising: a machine-readable product identifier associated with each unit of product; a machine-readable supplier identifier associated with each unit of product; a reader operable to detect the product identifier and supplier identifier associated with a unit of product, thereby producing inventory data; a secure Virtual Private Network (“VPN”) tunnel established between the supplier and the seller; and at least one network device operable to steer inventory data associated with the supplier identifier that matches the supplier to the VPN tunnel and filter inventory data associated with supplier identifiers that do not match the supplier from the VPN tunnel.
 11. The apparatus of claim 10 in which at least one of the product identifier and supplier identifier are represented in a Radio Frequency Identification (“RFID”) tag.
 12. The apparatus of claim 10 in which at least one of the product identifier and supplier identifier are represented in an Electronic Packaging Code (“EPC”) label.
 13. The apparatus of claim 10 in which the reader is further operable to determine the number of units of the product at the premises.
 14. The apparatus of claim 10 in which the reader is further operable to determine that a unit of product has been removed from the premises.
 15. The apparatus of claim 10 wherein the at least one network device includes a gateway having access to a supplier database having indications of associations between suppliers and VPN tunnels.
 16. The apparatus of claim 10 wherein the at least one network device includes the reader, and wherein the reader is operable to mark packets containing inventory data with a VPN tunnel identifier.
 17. The apparatus of claim 10 wherein the VPN tunnel is established via IPSec.
 18. The apparatus of claim 10 wherein the VPN tunnel is established via SSL.
 19. A method of providing notification at a first location of information concerning physical items having a particular associated value for a particular variable at a second location without providing corresponding information concerning physical items not having the particular associated value for the particular variable at the second location, each item to be tracked at the second location carrying a physical marking identifying an associated value for the particular variable; the method comprising: capturing the associated value for the particular variable for each item to be tracked at the second location detected from the respective physical marking on each item to be tracked; establishing a secure information channel associated with the particular value of the particular variable to the first location; and sending, to the first location over the secure information channel, information concerning the items for which the particular value was detected for the particular variable at the second location while not sending over the secure channel information concerning items for which the particular value was not detected for the particular variable at the second location.
 20. The method of claim 19, wherein the information concerning the physical items having a particular associated value for a particular variable comprises a count of the physical items having the particular associated value for the particular variable.
 21. The method of claim 19, wherein particular variable is a supplier identity and the particular associated value is an identity of a particular supplier.
 22. The method of claim 19, wherein each item to be tracked at the second location carries a physical marking identifying associated values for plural variables and the information concerning the physical items having a particular associated value for a particular variable comprises information concerning associated values for at least one variable other than the particular variable for items having the particular associated value for the particular variable.
 23. The method of claim 22, wherein: the particular variable is a supplier identity and the particular associated value is an identity of a particular supplier, and the at least one variable other than the particular variable comprises a product identity.
 24. The method of claim 23, wherein the information concerning the physical items comprises a count of items having each respective product identity for all items having the particular supplier identity.
 25. The method of claim 22, wherein the information concerning the physical items comprises a count of items having each respective value of at least one other variable for all items having the particular value of the particular variable.
 26. The method of claim 19, wherein the physical marking comprises a radio frequency tag.
 27. The method of claim 19, wherein the physical marking comprises an electronic packaging code label.
 28. The method of claim 19, wherein capturing the associated value comprises: reading the associated value from the physical marking using a reading device; and sending the associated value from the reader to a database.
 29. The method of claim 19, wherein capturing the associated value comprises storing in a database the associated value read from the physical marking.
 30. The method of claim 29, wherein establishing a secure information channel comprises establishing a secure information channel between the database and the first location.
 31. The method of claim 29, wherein the database is connected to the reading device via a communication channel and a gateway.
 32. The method of claim 31, wherein establishing a secure information channel comprises establishing a secure information channel between the database and the first location via the gateway.
 33. The method of claim 19, wherein establishing a secure information channel comprises establishing a secure data communication tunnel associated with the particular associated value of the particular variable.
 34. The method of claim 33, wherein establishing a secure information channel comprises establishing a virtual private network tunnel associated with the particular value of the particular variable.
 35. The method of claim 19, further comprising: establishing another secure information channel associated with another particular value of the particular variable to a third location; and sending, to the third location over the other secure information channel, information concerning the items for which the other particular value was detected for the particular variable at the second location while not sending over the secure channel information concerning items for which the other particular value was not detected for the particular variable at the second location.
 36. Apparatus for providing notification at a first location of information concerning physical items having a particular associated value for a particular variable at a second location without providing corresponding information concerning physical items not having the particular associated value for the particular variable at the second location, each item to be tracked at the second location carrying a physical marking identifying an associated value for the particular variable, the apparatus comprising: a database operable to capture the associated value for the particular variable for each item to be tracked at the second location from the respective physical marking on each item to be tracked; and a communication gateway operable: to establish a secure information channel associated with the particular value of the particular variable to the first location; and to send, to the first location over the secure information channel, information concerning the items for which the particular value was detected for the particular variable at the second location while not sending over the secure channel information concerning items for which the particular value was not detected for the particular variable at the second location.
 37. The apparatus of claim 36, wherein the information concerning the physical items having a particular associated value for a particular variable comprises a count of the physical items having the particular associated value for the particular variable.
 38. The apparatus of claim 36, wherein particular variable is a supplier identity and the particular associated value is an identity of a particular supplier.
 39. The apparatus of claim 36, wherein each item to be tracked at the second location carries a physical marking identifying associated values for plural variables and the information concerning the physical items having a particular associated value for a particular variable comprises information concerning associated values for at least one variable other than the particular variable for items having the particular associated value for the particular variable.
 40. The apparatus of claim 39, wherein: the particular variable is a supplier identity and the particular associated value is an identity of a particular supplier, and the at least one variable other than the particular variable comprises a product identity.
 41. The method of claim 40, wherein the information concerning the physical items comprises a count of items having each respective product identity for all items having the particular supplier identity.
 42. The apparatus of claim 39, wherein the information concerning the physical items comprises a count of items having each respective value of at least one other variable for all items having the particular value of the particular variable.
 43. The apparatus of claim 36, further comprising: at least one reading device operable to read the associated values from the physical markings; a communication channel connecting the reading device to the database.
 44. The apparatus of claim 43, wherein the communication channel connecting the reading device to the database connects the reading device to the database via the gateway.
 45. The apparatus of claim 36, wherein the gateway is operable to establish a secure information channel by establishing a secure data communication tunnel associated with the particular associated value of the particular variable.
 46. The apparatus of claim 36, wherein the gateway is operable to establish a secure information channel by establishing a virtual private network tunnel associated with the particular value of the particular variable.
 47. The apparatus of claim 36, wherein the gateway is further operable: to establish another secure information channel associated with another particular value of the particular variable to a third location; and to send, to the third location over the other secure information channel, information concerning the items for which the other particular value was detected for the particular variable at the second location while not sending over the secure channel information concerning items for which the other particular value was not detected for the particular variable at the second location. 